CompTIA CASP+ Security Engineering Test 4 with 100% Correct answers
1. What is the main purpose of performing a risk assessment in security
engineering?
• A) To reduce software licensing costs
• B) To identify and mitigate potential threats
• C) To increase system efficiency
• Answer: B) To identify and mitigate potential threats
• Explanation: A risk assessment helps identify vulnerabilities and threats, allowing organizations
to implement measures to mitigate potential risks.
2. What is the key benefit of using Transport Layer Security (TLS) in
communications?
• A) Reduced network latency
• B) Enhanced data integrity and confidentiality
• C) Faster data processing
• Answer: B) Enhanced data integrity and confidentiality
• Explanation: TLS provides encryption, which ensures data integrity and confidentiality during
transmission.
3. Which of the following is a primary characteristic of asymmetric encryption?
• A) Faster encryption than symmetric
• B) Uses a single key for encryption and decryption
• C) Involves a public and private key pair
• Answer: C) Involves a public and private key pair
• Explanation: Asymmetric encryption uses a key pair, with the public key for encryption and the
private key for decryption, making it ideal for secure communications.
4. Which concept involves continuously improving security protocols in response
to new threats?
• A) Static security practices
• B) Dynamic defense
• C) Least privilege
• Answer: B) Dynamic defense
• Explanation: Dynamic defense adapts security measures based on evolving threats, keeping
security up-to-date.
5. Which practice ensures that systems remain operational and accessible during
attacks?
, • A) Confidentiality management
• B) Business continuity planning
• C) Patch management
• Answer: B) Business continuity planning
• Explanation: Business continuity planning focuses on maintaining system availability and
operational resilience in the face of disruptions.
6. What is the primary function of an Intrusion Prevention System (IPS)?
• A) Monitoring user activity
• B) Preventing unauthorized network access
• C) Redirecting network traffic
• Answer: B) Preventing unauthorized network access
• Explanation: An IPS actively monitors and blocks potentially harmful traffic, preventing
unauthorized access and attacks.
7. What is the purpose of a digital certificate in a Public Key Infrastructure
(PKI)?
• A) To authenticate a user's identity
• B) To provide firewall rules
• C) To improve system performance
• Answer: A) To authenticate a user's identity
• Explanation: Digital certificates validate the identity of users or devices within PKI, ensuring
trust in communications.
8. Which method involves breaking data into packets for secure transmission
over the internet?
• A) Hashing
• B) Packetization
• C) Encryption
• Answer: B) Packetization
• Explanation: Packetization divides data into smaller, manageable units, ensuring secure and
efficient transmission.
9. What type of encryption is commonly used in WPA2 for wireless security?
• A) RSA
• B) AES
• C) SHA-256
• Answer: B) AES
• Explanation: WPA2 uses AES encryption to secure wireless communications, providing robust
security for Wi-Fi networks.
1. What is the main purpose of performing a risk assessment in security
engineering?
• A) To reduce software licensing costs
• B) To identify and mitigate potential threats
• C) To increase system efficiency
• Answer: B) To identify and mitigate potential threats
• Explanation: A risk assessment helps identify vulnerabilities and threats, allowing organizations
to implement measures to mitigate potential risks.
2. What is the key benefit of using Transport Layer Security (TLS) in
communications?
• A) Reduced network latency
• B) Enhanced data integrity and confidentiality
• C) Faster data processing
• Answer: B) Enhanced data integrity and confidentiality
• Explanation: TLS provides encryption, which ensures data integrity and confidentiality during
transmission.
3. Which of the following is a primary characteristic of asymmetric encryption?
• A) Faster encryption than symmetric
• B) Uses a single key for encryption and decryption
• C) Involves a public and private key pair
• Answer: C) Involves a public and private key pair
• Explanation: Asymmetric encryption uses a key pair, with the public key for encryption and the
private key for decryption, making it ideal for secure communications.
4. Which concept involves continuously improving security protocols in response
to new threats?
• A) Static security practices
• B) Dynamic defense
• C) Least privilege
• Answer: B) Dynamic defense
• Explanation: Dynamic defense adapts security measures based on evolving threats, keeping
security up-to-date.
5. Which practice ensures that systems remain operational and accessible during
attacks?
, • A) Confidentiality management
• B) Business continuity planning
• C) Patch management
• Answer: B) Business continuity planning
• Explanation: Business continuity planning focuses on maintaining system availability and
operational resilience in the face of disruptions.
6. What is the primary function of an Intrusion Prevention System (IPS)?
• A) Monitoring user activity
• B) Preventing unauthorized network access
• C) Redirecting network traffic
• Answer: B) Preventing unauthorized network access
• Explanation: An IPS actively monitors and blocks potentially harmful traffic, preventing
unauthorized access and attacks.
7. What is the purpose of a digital certificate in a Public Key Infrastructure
(PKI)?
• A) To authenticate a user's identity
• B) To provide firewall rules
• C) To improve system performance
• Answer: A) To authenticate a user's identity
• Explanation: Digital certificates validate the identity of users or devices within PKI, ensuring
trust in communications.
8. Which method involves breaking data into packets for secure transmission
over the internet?
• A) Hashing
• B) Packetization
• C) Encryption
• Answer: B) Packetization
• Explanation: Packetization divides data into smaller, manageable units, ensuring secure and
efficient transmission.
9. What type of encryption is commonly used in WPA2 for wireless security?
• A) RSA
• B) AES
• C) SHA-256
• Answer: B) AES
• Explanation: WPA2 uses AES encryption to secure wireless communications, providing robust
security for Wi-Fi networks.
